From 8fd62e70cde135943e54d80851984988cb00000a Mon Sep 17 00:00:00 2001
From: Artem Dergachev <adergachev@apple.com>
Date: Tue, 20 Dec 2022 14:58:35 -0800
Subject: [PATCH] [-Wunsafe-buffer-usage] Suppress an assertion for visiting
 VarDecl twice.

The assertion doesn't seem to hold due to ASTMatchers traversing code
inside GNU StmtExpr twice. This can screw up our algorithm's invariants.
We need a further investigation to properly fix this issue, but for now
let's avoid the crash.
---
 clang/lib/Analysis/UnsafeBufferUsage.cpp              |  6 +++++-
 clang/test/SemaCXX/warn-unsafe-buffer-usage-crashes.c | 13 +++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 clang/test/SemaCXX/warn-unsafe-buffer-usage-crashes.c

diff --git a/clang/lib/Analysis/UnsafeBufferUsage.cpp b/clang/lib/Analysis/UnsafeBufferUsage.cpp
index 85449c4..88d6ca3 100644
--- a/clang/lib/Analysis/UnsafeBufferUsage.cpp
+++ b/clang/lib/Analysis/UnsafeBufferUsage.cpp
@@ -245,7 +245,11 @@ public:
   void discoverDecl(const DeclStmt *DS) {
     for (const Decl *D : DS->decls()) {
       if (const auto *VD = dyn_cast<VarDecl>(D)) {
-        assert(Defs.count(VD) == 0 && "Definition already discovered!");
+        // FIXME: Assertion temporarily disabled due to a bug in
+        // ASTMatcher internal behavior in presence of GNU
+        // statement-expressions. We need to properly investigate this
+        // because it can screw up our algorithm in other ways.
+        // assert(Defs.count(VD) == 0 && "Definition already discovered!");
         Defs[VD] = DS;
       }
     }
diff --git a/clang/test/SemaCXX/warn-unsafe-buffer-usage-crashes.c b/clang/test/SemaCXX/warn-unsafe-buffer-usage-crashes.c
new file mode 100644
index 0000000..225e67f
--- /dev/null
+++ b/clang/test/SemaCXX/warn-unsafe-buffer-usage-crashes.c
@@ -0,0 +1,13 @@
+// RUN: %clang_cc1 -Wunsafe-buffer-usage %s -verify %s
+
+void gnu_stmtexpr_crash(void) {
+  struct A {};
+  struct B {
+    struct A a;
+  };
+
+  struct B b = {{
+    // This is a statement-expression (GNU extension).
+    ({ int x; }) // no-crash // expected-warning{{excess elements in struct initializer}}
+  }};
+}
-- 
2.7.4